If you watch those spy movies, they always seem to show the hackers routing their traffic from computer to computer, making it hard to impossible to find them.
While it is way harder that it seems in the movies, it is very doable.
But in a boned-headed move, many home router manufacturers have enabled a feature – and possibly gave you no way to turn it off – that helps the hackers do this.
Universal Plug and Play was invented by Microsoft to enable Xbox owners to build their own network of gamers without having to understand how home routers work. Normally, home routers should block computers trying to connect to anything inside your network from the Internet, but that is exactly what Microsoft needed for the Xbox, so they created a standard and convinced router makers to implement it.
As horrible a security decision as this is, what is worse is that some bone-headed router makers enabled this from the outside, not just from the inside. According to Akamai, they have already found over 50,000 such routers.
Worse yet, the standard allows you to create a forwarding rule not just to some address behind the router, but to any address anywhere.
What this enables is the ability to use your router, if this feature is enabled, to act as a “call forwarder” and allow hackers to make their traffic look like it came from your network.
Of course, if this does happen and the hacker does something bad, since it looks like you were the one who attacked the XYZ, the feds will come to your door with their assault rifles and bullet proof vests. Just to ask you a couple of questions.
So, what should you do.
First, there is an easy and free test to see if your router is doing this.
Visit https://www.grc.com/shieldsup . Shields Up is a great tool, but right now just click on PROCEED and then when the next screen comes up, click on the big, gold “GRC’s Instant UPnP Exposure Test” button. The test should take less than 30 seconds and if the box comes back GREEN, you are good. Anything else, you have a problem.
If you do not understand how to configure network equipment, you are likely going to have to get a professional to help you, but *IF* UPnP can be turned off, the process should be pretty simple and quick.
Information for this post came from Bleeping Computer.